The imap "pem" file contains both the key and the cert.
The "pem" file is named after the service:
  imapsd.pem
  ipop3sd.pem

According to the WU-imap documentation, the files must 
be stored in:
   /etc/ssl/imap/

These files should be protected against random people 
accessing them.  It is permissible for imapsd.pem and 
ipop3sd.pem to be links to the same file.
      
The imapsd.pem and ipop3sd.pem must contain a private 
key and a certificate.  The private key must not be 
encrypted.

Here is a simple way of making the "pem" file from
our previously generated cert and key files:
    cat anncons.net.key anncons.net.cert > imapsd.pem
    cp imapsd.pem /etc/ssl/imap/
    cd /etc/ssl/imap
    ln imapsd.pem ipop3sd.pem

Like mod_ssl, UW-imap does not attempt to verify client 
certificates, so only the certificate data used by the 
daemons needs to be setup properly.